Secure Multi-Party Computation (MPC)
Secure Multi-Party Computation (MPC) is a broad area within cryptography that refers to the challenge of performing arbitrary computation on (private) data that is held by two or more parties. The security guarantee is that the parties should learn the output of the computation, but learn nothing else about any other party’s data. As there is no restriction on what the computation is, MPC covers a broad range of applications, including: analytics, auditing, machine learning/artificial intelligence, optimization problems, and many more.
There are a number of approaches for instantiating MPC, including (fully) homomorphic encryption, zero-knowledge, abstracting the computation as a circuit, secure computation in the RAM model, and more. At Stealth, we have software libraries and products that support MPC in a variety of ways, including: secure computation engine, searchable encryption, zero-knowledge toolkit, and our library of cryptographic primitives.
(Fully) Homomorphic Encryption
Homomorphic Encryption refers to a specialized kind of encryption scheme that allows for operations to be performed on encrypted data. Namely, this means that users can encrypt their data, then perform the desired computation on the ciphertexts, and finally decrypt the result. While current techniques only allow for computations that involve addition, subtraction, and multiplication operations on ciphertexts, mathematics demonstrate how any computation can be approximated (with arbitrary precision) using only these operations, thus making homomorphic encryption a powerful tool for realizing MPC for arbitrary functionalities.
At Stealth, we have contributed to the field of homomorphic encryption via our research efforts as well as supporting tools in our cryptographic software library.
Zero Knowledge (ZK)
Zero Knowledge refers to the subfield of cryptography in which a user can demonstrate knowledge of some secret fact without revealing the fact itself. For example, a user can prove they have sufficient funds for a proposed purchase, without directly revealing how much money they have nor allowing direct visibility to their account(s). Zero-knowledge currently has a number of applications in blockchains, and the field is growing to address software vulnerabilities/bugs, private auditing, software transparency, and more.
At Stealth, we are advancing research and development in the area of zero knowledge, by creating a “compiler” for translating statements from generic form (e.g. a computer program) to a language amenable to zero knowledge, as well as designing efficient protocols between prover and verifier that perform the “proof”. More information can be found in a description of our efforts for the our work on the DARPA SIEVE program on our project page, as well as in our zero-knowledge toolkit.
Distributed Consensus and Blockchain
Blockchain is the framework upon which cryptocurrencies, “smart” contracts, and many other technologies requiring decentralized approval are built. Blockchain is relevant in settings where a disparate group of users need to exchange and track information as it flows between them, and where there is no centralized authority that is trusted to maintain the integrity and legitimacy of the system — instead, the users themselves are responsible for maintaining the system. While the features that each blockchain solution provides differ greatly between each other, and the mechanisms for supporting these features vary as well, any blockchain solution must offer at a minimum:
- Distributed Consensus: A mechanism that allows for ad-hoc subgroups of the full user network to approve the latest updates to the system, and for the full network to agree/have identical views on the “current state” of the system.
- Immutable Ledger: Once information is approved/appended to the blockchain, it cannot be altered/removed.
Stealth has built technology that supports a privacy-enhanced blockchain framework, in which private information can be stored “off-chain,” which is linked to public records that appear “on-chain,” thus allowing a hybrid solution that has the benefits of standard blockchain solutions (auditability, decentralized management) but offers additional functionality for the storage and processing of sensitive information.
Searchable Encryption
As more organizations move their data storage services off-site (e.g. to Cloud servers), an extra layer of risk is introduced: compromise of the Cloud server. While encrypting all information stored remotely (which we do) partially addresses this concern, there are other damaging leakage issues that may arise, especially when (authorized) users attempt to access the stored information. For example, while most Cloud services offer encryption at rest (while data is being stored but not accessed), the ability to access/use the stored data often requires decrypting it. In the case the Cloud service is acting as a database server that can return specific data elements to (authorized) users, finding the matching records thus requires such services to first decrypt the records. Even if the Cloud service itself is considered trustworthy, just having access to the decryption keys means the system is vulnerable to attack. Searchable encryption avoids this vulnerability by allowing the server to find matching records without decrypting them – the search is performed on the encrypted records themselves.
In addition to our results that directly apply to searchable encryption, Stealth has also been actively involved in the research and development of supporting technologies, such as Private Information Retrieval (PIR), Oblivious RAM (ORAM), Zero-Knowledge (ZK), and others.
Private Information Retrieval (PIR)
Private Information Retrieval (PIR) refers to a setting in which users can access information stored remotely (e.g. in the Cloud), hiding from the server which specific records are being fetched. For example, PIR is relevant for:
- Browsing the Web while hiding from the ISP which content they are accessing;
- Hiding which records are fetched in a database (useful feature for Searchable Encryption);
- Anonymizing communication, e.g. by hiding from a Mail Server which messages are being read;
- Many more…
Oblivious RAM (ORAM) &
Garbled RAM (GRAM)
Oblivious RAM (ORAM) and Garbled RAM (GRAM) are subfields of Cryptography that allow a system to perform create/read/update/delete (CRUD) operations, without revealing to the system which CRUD operation is being performed, as well as the location(s) being accessed and the values that are read/written. ORAM/GRAM are important tools for building searchable encryption (for preventing metadata/indirect leakage) and secure multiparty computation (for hiding data-dependent execution of the given computation).
In addition to helping to pioneer research efforts in these areas, Stealth’s software toolkit provides industry-leading instantiations of these tools.
Function Secret Sharing
In the 1970s, the notion of secret-sharing was introduced, whereby a user could distribute shares of their data to several other individuals, with the property that nothing could be learned about the data unless all shares were combined. In the 2010s, methods were introduced to generalize the secret-sharing functionality to functions, which are able to encode far more information than the individual data elements for which secret-sharing is designed for. Function Secret Sharing (FSS) refers to the study of this new field, which has numerous applications including:
-
Privacy-preserving contact tracing;
-
Private Information Retrieval and Writing (PIR/PIW) and Oblivious RAM (ORAM);
-
Large-scale, real-time data collection and storage of private data.